Privacy Policy

Effective Date: 02.Nov.2025

Last Updated: 02.Nov.2025

1. Introduction

Welcome to XP Lab (“we”, “our”, “us”). By accessing or using our website at https://www.xp-lab.com/ (the “Service”), you agree to the collection and use of your personal data in accordance with this policy. If you don’t agree, please don’t use the Service.

2. Who we are

XP Lab is the data-analytics education platform aimed at helping analysts build skills through home-assignment practice.

Contact: Tal Mizrachi

Email: tal@xp-lab.com

Data Protection Officer (if any): “Not applicable”

3. Data we collect

We may collect the following types of personal data:

  • Account registration data: name, email address, password (hashed)
  • Profile information: e.g., job-seeking status, skill level, location
  • Usage data: IP address, device type, browser type, activity logs (what assignments you view/submit)
  • Communications: messages you send to us or support requests
  • Payment data (if you upgrade to paid tier): billing name, payment method (we use third-party processor)
  • Optional data: any feedback or comments you provide.
  • Assignment submissions’ text

4. How and why we use your data

We use your personal data for these purposes:

  • To provide, maintain and improve the Service (e.g., authenticate your login, track your progress)
  • To manage your account (registration, login, password recovery)
  • To communicate with you (service announcements, updates, support)
  • To perform analytics on how users engage with assignments, to improve content and platform design
  • To administer paid tiers: processing payments, managing subscriptions
  • For compliance with legal obligations and to protect our rights.
  • To improve the feedback algorithm process.

5. Cookies and similar tracking technologies

We use cookies, web beacons and similar technologies to collect usage data and to personalise your experience. You can control cookies through your browser settings but disabling cookies may limit portions of the Service.

6. Data sharing and third-parties

We may share your personal data with:

  • Service providers and processors (e.g., payment processor, email provider, analytics provider) under contract and only on our instructions

  • Legal and regulatory bodies when required by law or to enforce our terms

  • In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity (we’ll notify you before it happens).

  • Under your explicit consent per employer - Employers that are looking for employees.

    We do not sell your personal data to third parties.

7. International transfers

Your data may be stored and processed in countries other than your own. Where we transfer data internationally, we implement appropriate safeguards (e.g., standard contractual clauses) to ensure adequate protection.

8. Data retention

We keep personal data only as long as necessary for the purposes outlined above, unless a longer retention period is required or permitted by law. The criteria for determining retention include: account activity, whether you paid for subscription, legal obligations, resolution of disputes.

9. Your rights

If you are located in the EU/EEA (or in other applicable jurisdictions), you have the following rights:

  • Right of access: request a copy of your personal data.

  • Right to rectification: ask us to correct inaccurate or incomplete data.

  • Right to erasure (“right to be forgotten”): in some cases you may ask us to delete your data.

  • Right to restrict processing: ask us to limit how we use your data.

  • Right to data portability: receive your data in a structured, commonly used format.

  • Right to object: object to our processing of your data based on legitimate interests.

  • Where processing is based on consent, the right to withdraw consent at any time.

    To exercise any of these rights, contact us at tal@xp-lab.com .

    We will respond within the timeframe required by applicable law (typically one month).

    If you consider our processing violates applicable law, you have the right to lodge a complaint with your supervisory authority.

10. Security

We implement technical and organisational measures to protect your personal data from unauthorised access, loss, misuse or destruction. However, no method of transmission or storage is 100% secure — we cannot guarantee absolute security.

11. Children

The Service is not intended for children under 13 (insert applicable age). We do not knowingly collect personal data from children under that age—if you believe we have done so, please contact us and we will delete the data.

12. Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we’ll revise the “Last Updated” date at the top. We encourage you to review this page periodically. If we make material changes, we may notify you by email or via a notice on the Service.

13. Contact us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

tal@xp-lab.com

+972-054-4922227